This also adds a test to ratelimiter based on the Linux selftest.
These tests can be run by adding a -DWGTEST to the build options, either:
* putting "option WGTEST" into sys/conf/GENERIC
* run make as: COPTS="-DWGTEST" make
They will run at boot time and output to the console.
I think this is closer to what testing should look like on OpenBSD, but
that is not really a decision for me to make. At least for the time being
we can leave this here and get people to test it.

This didn't cause any issues in practice, as sizeof(struct ratelimit)
was larger than sizeof(struct ratelimit_entry), however besides being
incorrect, it means we're allocating more memory than necessary.

It's better to do marshalling when dealing with the wire format, in one
place, and then pass around native endian numbers. Then, since chapoly
needs its own encoding, we take care of encoding there, too. But we
never touch this stuff in the middle.
At the same time, on big endian systems, xchapoly was using the wrong
endian nonce. And on systems with alignment traps, xchapoly was
crashing.
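An added illustration of the marshalling rule described above; it is not code from this commit or from the driver. It decodes a little-endian 64-bit counter at the wire boundary, carries it as a native integer, and re-encodes it only when building the 96-bit ChaCha20-Poly1305 nonce (four zero bytes, then the counter in little-endian). The function names and the sample packet bytes are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NONCE_LEN 12	/* ChaCha20-Poly1305 (IETF) nonce size */

/* Wire -> native. Byte-wise reads: no pointer cast, so no alignment trap,
 * and the result is the same on big- and little-endian hosts. */
static uint64_t le64_decode(const uint8_t *p)
{
	uint64_t v = 0;
	for (int i = 7; i >= 0; i--)
		v = (v << 8) | p[i];
	return v;
}

/* Native -> little-endian bytes, with the same properties. */
static void le64_encode(uint8_t *p, uint64_t v)
{
	for (int i = 0; i < 8; i++, v >>= 8)
		p[i] = (uint8_t)(v & 0xff);
}

/* AEAD boundary: the only other place the counter becomes bytes again. */
static void nonce_from_counter(uint8_t nonce[NONCE_LEN], uint64_t counter)
{
	memset(nonce, 0, 4);
	le64_encode(nonce + 4, counter);
}

/* Constructed sample: a counter field sitting at an odd offset in a buffer. */
static uint64_t sample_roundtrip(uint8_t nonce[NONCE_LEN])
{
	static const uint8_t pkt[9] =
	    { 0xaa, 0x01, 0x02, 0x03, 0x04, 0x05, 0x06, 0x07, 0x08 };
	uint64_t counter = le64_decode(pkt + 1);	/* native from here on */

	nonce_from_counter(nonce, counter);
	return counter;
}

int main(void)
{
	uint8_t nonce[NONCE_LEN];
	uint64_t c = sample_roundtrip(nonce);
	printf("counter=%#llx nonce[4]=%#x nonce[11]=%#x\n",
	    (unsigned long long)c, nonce[4], nonce[11]);
	return 0;
}
```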

Unfortunately in some earlier refactoring, I missed the handshake_last_sent
check in wg_send_initiation. Maybe it wasn't in timers.c. This meant that
initiation packets may be sent at a rate faster than 1 per 5 seconds.
NOT GOOD.
This also required a few helpers for the timeout as we don't want to use
ratecheck in wg_timers_event_want_initiation as it may override
t_handshake_last_sent.
I'll also change the timer to nanoseconds because we can, and extra
precision won't hurt.
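An added model of the problem described above; it is not the driver's code. It contrasts a read-only timeout query with a ratecheck(9)-style check that records "now" whenever it succeeds, using nanosecond timestamps and the 5 second limit from the message. struct hs_timer, the helper names and the 12 second timeline are assumptions made for the example.

```c
#include <stdbool.h>
#include <stdint.h>
#include <stdio.h>

#define NSEC_PER_SEC     1000000000ULL
#define REKEY_TIMEOUT_NS (5 * NSEC_PER_SEC)	/* one initiation per 5 s */

/* Hypothetical stand-in for the peer's handshake timer state. */
struct hs_timer { uint64_t last_sent_ns; bool ever_sent; };

/* Read-only query: has the timeout passed? Never writes the timestamp. */
static bool hs_expired(const struct hs_timer *t, uint64_t now_ns)
{
	return !t->ever_sent || now_ns - t->last_sent_ns >= REKEY_TIMEOUT_NS;
}

/* ratecheck(9)-style: a successful check also records "now". */
static bool hs_check_and_stamp(struct hs_timer *t, uint64_t now_ns)
{
	if (!hs_expired(t, now_ns))
		return false;
	t->last_sent_ns = now_ns;
	t->ever_sent = true;
	return true;
}

/* Constructed timeline: once a second for 12 s the timer path asks whether
 * an initiation is wanted, then the send path tries to send one. */
static int simulate(bool query_stamps)
{
	struct hs_timer t = { 0, false };
	int sent = 0;

	for (uint64_t s = 0; s <= 12; s++) {
		uint64_t now = s * NSEC_PER_SEC;
		bool want = query_stamps ? hs_check_and_stamp(&t, now)
		    : hs_expired(&t, now);
		if (want && hs_check_and_stamp(&t, now))
			sent++;
	}
	return sent;
}

int main(void)
{
	printf("read-only query: %d sent\n", simulate(false));
	printf("stamping query:  %d sent\n", simulate(true));
	return 0;
}
```

With the stamping query the send path never sees an expired timer, because the query has already moved the timestamp.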

The packet layout is a wireguard property, and hence those fields should
live in wireguard. This also helps us benefit from the natural struct
alignment that wireguard packets have, so we don't need __packed.

I always like it when we take away lines, and remove bugs at the same time.
Some things that are here now:
* Don't update sockets until new ones are ready. This means if you try to
set the port to an address already in use, then it won't kill the current
sockets.
* Retry AF_INET6 if the port that AF_INET chose was in use for AF_INET6.
This copies the retries (100) from Linux, not sure where that came from
but is a reasonable number. Personally, I'd prefer a power of 2 number,
and for it to be a bit smaller, but there isn't much difference by this
point. If you can't bind to a port 64 vs 100 times in a row, something
else is the issue.
Bugfixes:
* Need to create a new socket if changing rtable, will return EBUSY if
socket is bind'ed and you attempt to change the rtable.

A few changes to align with Linux:
* Don't want_initiation when noise_remote_encrypt fails
* Don't clear current keypairs with wg_new_handshake
* Remove 'ready' vars
* Remove ratecheck in run_retry_handshake
* Ensure any packets that are queued are sent after wg_up
* Match keep_key_fresh functions in noise_remote_{encrypt,decrypt}

1) Use proper address identification for allowed IPs
While this originally came from ifconfig.c:settunnel, I do believe it is
hacky. Now, we see if inet_net_pton correctly parses an IPv4 address, and
if not, attempt IPv6. The address would be invalid if both fail.
This was seen in (for example, but not limited to) these files:
src/usr.sbin/smtpd/to.c:text_to_netaddr
src/sbin/isakmpd/ui.c:ui_teardown
2) if( in WG_LOAD_KEY
This is an easy fix, however with a bit more modification, we can make the
whole block look nicer.
3) setwgconf
setwgconf wasn't great. It also implemented functionality that is
debatable whether we want to have in an initial release. It was new
functionality to ifconfig (read from stdin), maybe it would be better to
do this for all command arguments instead?
wgtools provides a way to load large numbers of peers in automatically. It
also seems OpenBSD isn't as worried about secrets on the command line as
by default ksh history isn't logged.
4) General BSDisms
check == NULL
Add some comments to growwgdata
80 col line wraps

* in wg_timers_run_new_handshake, the two task_add's would race on the
taskq, potentially noise_remote_clear'ing the wg_send_initiation. Now
we run a specific task for it, ensuring that it is run serially.
* don't count dropped keepalive packets.
* we needed to NULL the keypair pointers in noise_remote_clear
* indentation change on noise_remote_decrypt
* we also don't need to check kp_ctr.c_send when receiving packets.

wireguard-go and the Linux kernel will do all timer stuff before sending the
response. They will also begin_session before sending too, so match that
as well.
Also, we rely on wg_send_buf to handle any error cases it can handle,
rather than depending on its result to signal the timer system. If we
cannot send a packet, then print an error message.

This required a few changes, first wg_{up,down} no longer run in nettq,
meaning they are not necessarily serialised. That means, we now use
IFF_RUNNING as a serialiser.
We also need a "need_lock" as this is called from two contexts, one in
the SIOCSIFFLAGS and the other in SIOCSWG. The latter already holds an
exclusive sc_lock, so we don't want to recurse.
Since we want to bring up the interface if someone assigns an address,
we also fallthrough on the SIOCSIFADDR ioctl.
Also, it means we need to NET_UNLOCK() in SIOCSIFFLAGS (and by extension
SIOCSIFADDR), which from what I can see is OK, but there may be hidden
cases I'm not aware of.
The benefits now mean that if someone runs the following command, they
get immediate feedback that the interface is working or not.
# ifconfig wg0 up
ifconfig: SIOCSIFFLAGS: Address already in use